📦 Shenyu

Apache ShenYu versions 2.4.0 and 2.4.1 have an authentication bypass vulnerability in the /plugin API endpoint. This allows unauthenticated attackers to access plugin functionality, potentially leadin...

CVE-2021-45029 is a critical vulnerability in Apache ShenYu that allows attackers to inject malicious Groovy or SpEL code, leading to remote code execution. This affects Apache ShenYu versions 2.4.0 a...

This vulnerability allows attackers to bypass authentication in Apache ShenYu Admin by exploiting incorrect JWT implementation. It affects Apache ShenYu versions 2.3.0 and 2.4.0, potentially granting ...

Apache ShenYu Admin allows low-privilege administrators to create users with higher privileges than their own due to improper privilege management. This vulnerability affects Apache ShenYu version 2.5...

This vulnerability in Apache ShenYu allows attackers to cause resource exhaustion (denial of service) by injecting malicious regular expressions into user-controllable parameters. The Pattern.matches(...